AINOVA SYSTEMS – DATA PROCESSORS

Last Updated: September 14, 2025

This page lists all third-party service providers (sub-processors) that Ainova Systems uses to deliver our Service. We ensure that each sub-processor is bound by appropriate data protection agreements and security standards.

INFRASTRUCTURE & HOSTING

Supabase Inc.
- Purpose: Authentication, database services, and user management
- Data Processed: User profiles, authentication credentials, API keys, usage statistics, subscription data
- Location: Germany (EU)

Hetzner Online GmbH
- Purpose: Complete platform infrastructure hosting (backend, frontend, database, and file storage)
- Data Processed: Platform frontend/backend, user sessions, processed documents, Convert results, user-uploaded files
- Location: Germany (EU)

NETWORK & SECURITY

Cloudflare, Inc.
- Purpose: Content delivery network (CDN), DDoS protection, and network proxy
- Data Processed: API and web traffic in transit, IP addresses for security
- Location: Global network (data processed at nearest edge location)

PAYMENT PROCESSING

Stripe, Inc.
- Purpose: Payment processing, subscription management, and billing
- Data Processed: Payment card details, billing information, transaction history
- Location: EU for European customers, US for others

COMMUNICATIONS

Brevo (Sendinblue SAS)
- Purpose: Transactional and marketing email services
- Data Processed: Email addresses, email content, campaign analytics
- Location: France (EU)

PROFESSIONAL SERVICES

Accounting Services
- Purpose: Financial accounting and tax compliance
- Data Processed: Invoices, contracts, financial records (Ainova business data only)
- Location: Lithuania (EU)
- Note: Bound by professional confidentiality obligations

Legal Advisors
- Purpose: Legal compliance and advisory services
- Data Processed: Legal documents, contracts (as required for legal matters)
- Location: European Union
- Note: Bound by attorney-client privilege and professional confidentiality

DATA PROCESSING SAFEGUARDS

All sub-processors are required to:
- Sign appropriate Data Processing Agreements (DPAs)
- Implement adequate technical and organizational security measures
- Process personal data only on our documented instructions
- Assist with GDPR compliance obligations
- Delete or return personal data upon termination of services

For international data transfers outside the EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions where applicable
- Other lawful transfer mechanisms under GDPR

CHANGES TO SUB-PROCESSORS

We may update this list from time to time as we add or remove service providers. Material changes that may impact data protection will be communicated to our Enterprise customers who have requested such notifications.

For questions about our sub-processors or to request notification of changes, please contact us at legal@ainovasystems.com.

CONTACT INFORMATION

Ainova Systems, MB
Address: Neries g. 25A, Nemenčinė, LT-15171 Vilnius r., Lithuania
Email: legal@ainovasystems.com

This list was last reviewed and updated on the date shown at the top of this page.